Fix k8s for example for rootCAs serversTransport #9274
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
It fixes a configuration example which doesn't match documentation.
The
rootCAs
(forserversTransport
) secret data used the keytls.crt
, but it must be eitherca.crt
ortls.ca
according to the docs at https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#kind-serverstransport.Motivation
I was wondering if a
cert-manager.io/Certificate
secret could be used to provide the CA. It didn't appear so from the example, since the leaf certificate would be used, but when I looked at the docs, it became clear that it would work as expected.